Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/_kracAGUMrxqPnUISgF6JT7UYEU.roa
File:                     _kracAGUMrxqPnUISgF6JT7UYEU.roa (raw, json)
Hash identifier:          B33CbC5H0PkfZjRdN013Vu+cuFXHmSV/ql5LZiS+Sm8=
Subject key identifier:   FE:4A:DA:70:01:94:32:BC:6A:3E:75:08:4A:01:7A:25:3E:D4:60:45
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       01FA
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/_kracAGUMrxqPnUISgF6JT7UYEU.roa
Signing time:             Tue 30 May 2023 16:29:23 +0000
ROA not before:           Tue 30 May 2023 16:29:23 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        211.14.120.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 506 (0x1fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:29:23 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=FE4ADA70019432BC6A3E75084A017A253ED46045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f3:7b:fa:ae:b2:d7:3c:3f:e4:80:a9:a4:71:
                    38:03:03:6c:3f:8d:e9:8e:e8:21:df:08:0e:5e:cf:
                    be:c5:90:01:4a:47:2c:74:65:d0:1a:53:d5:94:11:
                    7b:27:6f:49:75:76:76:5d:9b:00:02:48:5e:a5:7a:
                    92:bc:8c:bd:9f:d4:28:6d:f9:7b:d6:a8:34:47:81:
                    f6:a3:db:ca:11:d6:b2:71:bd:c2:26:79:d4:dd:ae:
                    87:91:65:fb:56:21:e7:00:23:a3:70:2f:3a:e6:10:
                    60:50:78:12:1f:b6:7e:16:37:33:14:f4:ee:a0:f3:
                    87:dc:6c:5a:95:4e:bc:e0:77:7a:d7:ac:5f:fc:44:
                    fe:6e:1f:8c:41:c9:ef:26:40:c4:39:1e:47:53:4a:
                    dd:ea:16:64:29:4c:6f:d9:c2:a7:01:a2:fc:c9:1d:
                    f4:44:76:19:f0:89:21:00:e7:96:a4:a2:41:c3:6f:
                    cc:7d:f7:22:c8:b5:32:17:ae:a1:a3:89:10:15:32:
                    66:fc:27:95:14:a4:05:5f:d9:27:39:7f:35:d1:f3:
                    c0:7d:70:36:5c:36:74:f4:9b:48:c5:a7:9d:0d:46:
                    be:e0:e7:f2:85:d8:b7:5d:8f:61:8b:8b:2a:6b:63:
                    d9:fa:e2:05:9c:d3:b7:9b:9b:99:21:9b:fa:3c:05:
                    ae:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:4A:DA:70:01:94:32:BC:6A:3E:75:08:4A:01:7A:25:3E:D4:60:45
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/_kracAGUMrxqPnUISgF6JT7UYEU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         bd:94:fd:2f:85:81:0f:19:f8:11:a4:2d:92:25:6c:cc:fb:c4:
         41:7c:ee:0f:78:0b:d3:98:69:ae:89:68:d3:9f:64:bf:2b:9e:
         3f:ab:9b:0b:6b:16:c8:ca:c5:1a:19:f6:67:4b:4d:0b:b8:a1:
         64:fb:2b:47:d9:4a:7a:66:64:85:ea:f6:97:9b:4a:56:61:6e:
         03:e2:5f:16:6a:01:4f:b7:fc:b3:38:f3:a3:cf:e0:3c:91:4c:
         76:3b:2f:0f:6c:fa:47:57:35:ce:b0:ce:4e:d8:c5:7b:95:a1:
         11:96:81:b3:f0:2d:49:4a:0d:26:ce:50:d4:85:a5:11:f3:46:
         4a:ac:1b:c3:04:4f:1d:09:d7:9b:ef:3d:3a:62:ea:f0:87:49:
         42:9a:92:2e:cb:40:82:81:37:95:9f:4d:f4:09:a6:42:f2:22:
         11:32:21:eb:ef:13:e1:08:79:f4:b9:5c:90:a6:06:cd:fb:0a:
         d1:54:8e:d5:21:62:a1:79:1e:78:8b:33:28:c7:08:ae:ac:b3:
         9e:35:a1:25:8c:59:b7:64:7d:d9:87:db:b0:31:93:a6:22:d4:
         43:6a:bf:e2:ef:be:76:0b:bb:1b:68:7d:23:33:cd:59:b0:b3:
         f1:1d:0b:6b:9f:aa:12:d1:cb:ab:e8:3b:ab:38:fe:57:13:1f:
         cd:a7:47:43
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjI5MjNaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEZFNEFEQTcwMDE5NDMy
QkM2QTNFNzUwODRBMDE3QTI1M0VENDYwNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv83v6rrLXPD/kgKmkcTgDA2w/jemO6CHfCA5ez77FkAFKRyx0
ZdAaU9WUEXsnb0l1dnZdmwACSF6lepK8jL2f1Cht+XvWqDRHgfaj28oR1rJxvcIm
edTdroeRZftWIecAI6NwLzrmEGBQeBIftn4WNzMU9O6g84fcbFqVTrzgd3rXrF/8
RP5uH4xBye8mQMQ5HkdTSt3qFmQpTG/ZwqcBovzJHfREdhnwiSEA55akokHDb8x9
9yLItTIXrqGjiRAVMmb8J5UUpAVf2Sc5fzXR88B9cDZcNnT0m0jFp50NRr7g5/KF
2Lddj2GLiyprY9n64gWc07ebm5khm/o8Ba5hAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU/kracAGUMrxqPnUISgF6JT7UYEUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L19rcmFjQUdVTXJ4cVBuVUlTZ0Y2SlQ3VVlFVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPTDngwDQYJKoZIhvcNAQELBQADggEBAL2U/S+FgQ8Z+BGkLZIlbMz7xEF8
7g94C9OYaa6JaNOfZL8rnj+rmwtrFsjKxRoZ9mdLTQu4oWT7K0fZSnpmZIXq9peb
SlZhbgPiXxZqAU+3/LM486PP4DyRTHY7Lw9s+kdXNc6wzk7YxXuVoRGWgbPwLUlK
DSbOUNSFpRHzRkqsG8METx0J15vvPTpi6vCHSUKaki7LQIKBN5WfTfQJpkLyIhEy
IevvE+EIefS5XJCmBs37CtFUjtUhYqF5HniLMyjHCK6ss541oSWMWbdkfdmH27Ax
k6Yi1ENqv+LvvnYLuxtofSMzzVmws/EdC2ufqhLRy6voO6s4/lcTH82nR0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org